Forwarding resolution fails
Kevin Darcy
kcd at daimlerchrysler.com
Wed Apr 3 02:31:18 UTC 2002
susan hall wrote:
> I have 2 servers set up to forward a couple of "private" domains to a
> set of "private" ips. 99% of the time this is ok. Every now and then,
> suddenly, bind cannot resolve a hostname within one of these domains,
> calls it non-existent, which is what happens without the forwarding
> info. A restart of named fixes it.
>
> This is bind 8.2.3 on AIX 4.3.3. Any info on this?
Are you using "forward only" or "forward first"? "Forward first" is the
default setting. What may be happening is that the forwarders are
temporarily unavailable, and because of "forward first", your nameserver
may then be trying to resolve the name iteratively. If it gets back an
NXDOMAIN from this resolution attempt, it may store that as a negative
cache entry, and so the name will be unresolvable for a while, even after
the forwarders are available again. This is why restarting named
"fixes" the problem.
Setting the mode to "forward only" is a way to deal with the problem --
then the query (properly) fails when the forwarders are unavailable. If
you need more redundancy than that, make yourself a slave for the zone
instead of forwarding.
- Kevin
More information about the bind-users
mailing list